The Forefront UAG SP1 Release Notes document the following issue:
“After installing SP1 RTM on a Forefront UAG server running SP1 RC and acting as a DirectAccess server, the DNS64 service will be set to Manual. Following the installation, set the DNS64 service to Automatic and start the service.”
However, although this problem is a known issue when upgrading from Forefront UAG RC1 to SP1, from my recent deployment experience it can also happen when deploying UAG SP1 onto an RTM version (including RTM U1 and RTM U2 versions).
The fix is easy, after applying SP1, simply reconfigure the Microsoft Forefront UAG DNS64 Service service startup type to be Automatic as opposed to Manual; then start the service manually.
This issue (obviously) assumes you are actually using the DNS64 service in your UAG DirectAccess deployment and consequently need the DNS64 service to be started and running to provide DNS translation services from IPv6/IPv4.
A bit annoying I agree, but an easy fix nevertheless